search

adobe / aio-cli-plugin-app

Create, Build and Deploy Cloud Native Applications
Apache License 2.0
19 stars 35 forks source link

For OAuth webapp credentials in a project, escaped redirect_uri from Developer Console causes a validation error #719

Closed shazron closed 1 year ago

shazron commented 1 year ago

Description

Adobe Developer Console requires the redirect_uri for an oauth credential to escape all . characters with \\, so https://example.com will need to be https://example\\.com (not a valid uri). In the downloaded project json, this value is further escaped as https://example\\\\.com (also not a valid uri).

Expected

aio app init does not have a configuration error for oauth webapp credentials.

Actual

Error during aio app init:

›   Error: Missing or invalid keys in config: [
 ›     {
 ›       "instancePath": "/project/workspace/details/credentials/1/oauth2/redirect_uri/0",
 ›       "schemaPath": "#/definitions/oauth2/properties/redirect_uri/items/format",
 ›       "keyword": "format",
 ›       "params": {
 ›         "format": "uri"
 ›       },
 ›       "message": "must match format \"uri\""
 ›     },
 ›     {
 ›       "instancePath": "/project/workspace/details/credentials/1",
 ›       "schemaPath": "#/allOf/0/if",
 ›       "keyword": "if",
 ›       "params": {
 ›         "failingKeyword": "else"
 ›       },
 ›       "message": "must match \"else\" schema"
 ›     }
 ›   ]

Repro steps

  1. Create an Adobe Developer Console project via web browser
  2. Add Adobe Stock as a service
  3. Choose OAuth WebApp
  4. Use https://example.com as the redirect_uri (escape as required) and the default_redirect_uri
  5. aio app init and choose the Project

Sample client credential that shows the issue:

{
    "id": "912359015",
    "name": "Project 1693811251252635560A",
    "integration_type": "oauthwebapp",
    "oauth2": {
        "client_id": "5123612313636",
        "client_secret": "3613613613613631aasfa",
        "redirect_uri": [
            "https://example\\\\.com"
        ],
        "defaultRedirectUri": "https://example.com"
    }
}

Fix

We remove strict uri validation from the schema and treat it as a string, since Adobe Developer Console would already do the validation it needs. https://github.com/adobe/aio-cli-plugin-app/blob/682f103012c48938bb9915a024cdd6cb29cfea03/schema/config.schema.json#L216

There are two occurrences: oauth2 and oauthsinglepageapp.

Workaround

  1. Download the project .json from Adobe Developer Console (Download All button in Project Overview)
  2. Edit the redirect_uri from the credential to remove the escapes
  3. If you are initializing code, do a aio app init --import YOUR_CONSOLE_JSON_PATH_HERE.json [PROJECT_PATH] OR
  4. If you have existing code, do a aio app use YOUR_CONSOLE_JSON_PATH_HERE.json
aiojbot commented 1 year ago

JIRA issue created: https://jira.corp.adobe.com/browse/ACNA-2522